Microsoft has warned that Windows devices with the newest supported processors might be susceptible to data damage, noting the initial fix might have slowed operations down for some.
The data damage warning turned up in a support article (KB5017259) and is related to devices supporting the newest Vector Advanced Encryption Standard (VAES) instruction set.
It’s a bit awkward since Microsoft insisted that its infamous hardware compatibility list for Windows 11 was about CPU security and experience, but here we are. The issue also applies to Windows Server 2022.
The fix is, as ever, to bite the bullet and apply Microsoft’s updates. The June 23 patch preview release or July 12 security update should resolve the issue, although both carry their own complications. The July 12 patches (KB5015814), for example, left the Start Menu inoperative on some Windows 11 machines, resulting in a Known Issue Rollback for Microsoft.
The good news is that Microsoft reckons the data damage issue was already addressed in the May 24 patch preview and June 14 patch release. The bad news though is that performance was then affected for some users who applied those updates. BitLocker, TLS and Disk throughput (especially for enterprise customers) were hit and, according to Microsoft, “AES-based operations might be two times (2x) slower after installing the Windows update for the May 24, 2022 preview release or the June 14, 2022 security release.”
Microsoft wrote: “We added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions. SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors.
“Performance will be restored after you install the June 23, 2022 preview release or the July 12, 2022 security release.”
Oddly, the performance hit is not mentioned in the known issues for the May 24 or June 14 emissions for Windows 11 or Windows Server 2022, but at least Microsoft has come clean now, meaning those wondering why that server or laptop was running slow have an answer.
Microsoft’s warning carries a sharp edge or two. Yes, you need to keep up to date with patches but be warned, sometimes your computer might simply slow down until the next update.
As ever, test before deployment. ®